package eteam.aps.systemservice.service;

import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import eteam.aps.common.R;
import eteam.aps.common.exceptions.AuthException;
import eteam.aps.common.exceptions.BusinessException;
import eteam.aps.common.helper.Helper;
import eteam.aps.systeminterface.model.dto.VerifyTokenDto;
import eteam.aps.systeminterface.model.entity.UserEntity;
import eteam.aps.systeminterface.service.IAuthController;
import eteam.aps.systemservice.bll.SystemBll;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.validation.constraints.NotBlank;
import java.util.List;

/**
 * 用户授权控制器
 */
@Api(tags = "授权服务控制器")
@Validated
@RestController
//@RequestMapping(value = "/api/auth")
public class AuthController implements IAuthController {
    /**
     * 系统服务
     */
    @Autowired
    private SystemBll systemBll;

    /**
     * 【开放接口】构建用户Token
     *
     * @param username: 用户名
     * @param password: 密码
     * @return: 用户Token信息
     */
    @ApiOperationSupport(order = 1)
    @ApiOperation(value = "构建用户Token")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "username", value = "用户名", required = true),
            @ApiImplicitParam(name = "password", value = "密码", required = true)
    })
    @Override
    @RequestMapping(value = {"/api/auth/buildtoken"}, method = {RequestMethod.POST})
    public R<UserEntity> buildToken(
            @NotBlank(message = "用户名为空") @RequestParam("username") String username,
            @NotBlank(message = "密码为空") @RequestParam("password") String password
    ) throws Exception, AuthException, BusinessException {
        return R.success(systemBll.BuildToken(username, password));
    }

    /**
     * 【开放接口】校验Token是否合法
     *
     * @param token: token信息
     * @return: 返回用户信息
     */
    @ApiOperationSupport(order = 2)
    @ApiOperation(value = "校验Token是否合法")
    @ApiImplicitParam(name = "token", value = "用户token", required = true)
    @Override
    @RequestMapping(value = {"/api/auth/verifytoken"}, method = {RequestMethod.GET})
    public R<VerifyTokenDto> verifyToken(
            @NotBlank(message = "Token为空") @RequestHeader(value = "token") String token
    ) throws Exception, AuthException, BusinessException {
        VerifyTokenDto tokenDto = systemBll.VerifyToken(token);
        if (Helper.checkObjAllFieldsIsNull(tokenDto)) {
            throw new AuthException("Token无效");
        }
        return R.success(tokenDto);
    }

    /**
     * 获取当前用户的权限Key列表
     *
     * @return: 权限列表
     */
    @ApiOperationSupport(order = 3)
    @ApiOperation(value = "获取当前用户的权限Key列表")
    @Override
    @RequestMapping(value = "/api/auth/getuclist", method = RequestMethod.GET)
    public R<List<String>> getUcList() throws Exception, AuthException {
        return R.success(systemBll.getOperations());
    }
}
